$ npm audit
# npm audit report
@xmldom/xmldom <0.8.3
Severity: moderate
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in @xmldom/xmldom and xmldom - https://github.com/advisories/GHSA-9pgh-qqpf-7wqj
fix available via `npm audit fix --force`
Will install video.js@7.15.2, which is a breaking change
node_modules/@xmldom/xmldom
mpd-parser >=0.19.0
Depends on vulnerable versions of @xmldom/xmldom
node_modules/mpd-parser
@videojs/http-streaming >=2.10.2
Depends on vulnerable versions of mpd-parser
node_modules/@videojs/http-streaming
video.js >=7.15.3
Depends on vulnerable versions of @videojs/http-streaming
Depends on vulnerable versions of mpd-parser
node_modules/video.js
4 moderate severity vulnerabilities
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Using the latest version of mpd-parser causes a security advisory on GitHub
https://github.com/advisories/GHSA-9pgh-qqpf-7wqj